11 matches found
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2
In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 wolfSSL 5.8.2 and earlier is...
EUVD-2024-42927
Malicious code in bioql PyPI...
Medium: openvpn
Issue Overview: OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase (CVE-2025-2704). Affected Packages: openvpn. Issue Correction: Run dnf update openvpn...
PT-2025-2962 · Sharkssl · Sharkssl
Name of the Vulnerable Software and Affected Versions: SharkSSL version from 05/05/24 commit 64808a5e12c83b38f85c943dee0112e428dc2a43. Description: A heap buffer overflow in the server-side handshake implementation allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hell...
PT-2024-32984 · Real Time Logic · Sharkssl
Name of the Vulnerable Software and Affected Versions: Real Time Logic SharkSSL versions 09.09.24 and earlier. Description: A heap buffer overflow in the server-side handshake implementation allows a remote attacker to trigger a Denial-of-Service via a malformed TLS Client Key Exchange message...
TCP option lost when traffic goes through a TCP-type Load Balance (LB) Vserver
TCP option lost when traffic goes through a TCP-type Load Balance (LB) Vserver: 1. Clients send TCP SYN to NetScaler with TCP option segment: 2. Backend servers do not receive TCP handshake with TCP option segment from NetScaler:...
Nextcloud: Trusted servers exchange can be triggered by attacker
Hi again, So this seems to be less bad these days as the trusted servers are no longer enabled by default however they were some versions ago. The trusted servers exchanged the full user list with another server. As soon as 1 federated share is created between two instances. It is questionable if...
DEBIAN-CVE-2014-2903
CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake...
Charybdis: Improper assumptions in the server handshake code may lead to a remote crash
Access vector: network; Access complexity: low; Authentication requirement: none; Confidentiality impact: none; Integrity impact: none; Availability impact: complete; CVSSv2 temporal score: 6.4; Exploitability: functional exploit exists; Remediation level: official fix; Report confidence: confirmed; Summar...
Null pointer dereference
modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis before 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed request...
CVE-2012-6084
Summary (CVE-2012-6084) A denial-of-service vulnerability affects ircd-ratbox and Charybdis IRC daemons due to improper handling of capability negotiation in the CAPAB m_capab.c module. The issue can be triggered remotely by a malformed handshake/request, leading to a NULL pointer dereference and...